After reading a news about another major database leaks, one of our clients contacted us with the request to make a security audit of the corporate accounts. The task was to exclude the possibility of corporate accounts being leaked.
Preventing Data Breach Through Leaked Accounts
Pre–history
Steps taken
- Every personal and corporate emails have been scanned through the available leaked databases using an API. The scan revealed a number of accounts that have been compromised and passwords to those accounts. Some of the personal accounts had similar passwords with corporate accounts.
- All the compromised accounts have been locked.
- Compromised accounts activity audit has been carried out to exclude the possibility of the third person accessing the corporate account and any harmful activity.
Problem resolution
- All users are urged to change passwords according to the security standards.
- All the passwords are set to 30 days expiration.
- Second tier authentication has been implemented.
- Some of the corporate resources were restricted to access from outside of the corporate network.
- Leaked accounts scan has been implemented into company security protocol.